IoT security spend to surpass $3bn by 2021

IoT devices are quickly taking over homes and businesses, but security has been waylaid to date. As security concerns grow, security spend must mirror this.

After findings revealed almost a fifth of organisations found an IoT-based attack in the last year, Gartner predicts IoT security spending will double by 2021.

The number of IoT devices has increased significantly in the last couple of years, leading to security being placed at the top of the priority list for spending. Gartner predicts that in 2018 IoT security spending is set to increase by 28% to $1.5bn worldwide, in comparison to $1.2bn last year.

Improvement on discovery and asset management, as well as software and hardware security assessments and penetration testing will all be the key driving factors to the increased spend Gartner said.

“In IoT initiatives, organisations often don’t have control over the source and nature of the software and hardware being utilised by smart connected devices,” said Ruggero Contu, research director at Gartner. “We expect to see demand for tools and services aimed at improving discovery and asset management, software and hardware security assessment, and penetration testing. In addition, organisations will look to increase their understanding of the implications of externalising network connectivity.”

Despite security being a concern with IoT devices, Gartner predicts that during 2020 the biggest preventer to growth in security will be lack of priority and implementation of security practice. On average, these factors could hamper the potential amount of spend by 80%.

As the number of IoT devices increases, so does the level of security concerns.

Wilson said: “The solution is relieving the pressure by automating the job of monitoring. An automated system can quickly establish a normal baseline of behaviour for any device so that when bad guys do try to exploit a vulnerability, it becomes immediately obvious. The system can assess the threat and prioritise the most dangerous, allowing security analysts to handle the biggest problems rather than constantly running from pillar to post.”